1. Field of Invention
The present invention relates to Internet security, and in particular, to authenticating users on-line.
2. Related Art
With increased computer use, Internet security is an ever-increasing problem and concern. Areas where Internet security is important include financial transactions between parties, exchange of personal information such as date of birth, social security number, and mother's maiden name, and exchange of financial information such as credit card account numbers, bank account numbers, and other financial institution information. There are many ways to obtain sensitive information fraudulently or to perform a fraudulent transaction over the Internet. One example is through the use of automated software responding to inquiries or requesting information through the Internet. The software may be able to obtain certain sensitive information through the exchange. Computer software has been developed that can mimic human actions, resulting in problems such as quality of service degradation, spamming, and automated posting to blogs and forums.
CAPTCHA (an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”) is a commonly used security measure to determine whether a recipient is human or a computer. CAPTCHA is a well-known method to determine whether a response is generated by a computer or a human. CAPTCHA displays a distorted image of a sequence of letters and/or numbers. A user entering the correct sequence of letters and/or numbers is determined to be human, as computers are generally unable to reproduce the sequence. Details of CAPTCHA are well known.
One way to defeat CAPTCHA is to use cheap human labor to process and respond to the tests'. Thus, while CAPTCHA may be effective in distinguishing between humans and machines, it cannot determine whether a human user is an authorized user.
Therefore, there is a need for an improved CAPTCHA that distinguishes between a human and a computer, as well as whether a human is an authorized user.